undefined | Better HN

0 pointsstaticassertion25d ago0 comments

The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.

0 comments

nromiun25d ago

Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).

staticassertionOP25d ago

That's fine and a very separate reason why it would not be exploitable, also assuming that the module is not just compiled in since then loading it would be irrelevant.

j / k navigate · click thread line to collapse

0 comments

nromiun25d ago

Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).

staticassertionOP25d ago

That's fine and a very separate reason why it would not be exploitable, also assuming that the module is not just compiled in since then loading it would be irrelevant.

j / k navigate · click thread line to collapse